<?php
//iser list
if(!$_GET['cmd'])
{
	if(!perms_check('users', 'edit') and !perms_check('users', 'delete'))
	{
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	SQLvalidate($_GET['rec']);
	if(!$_GET['rec'])
		$_GET['rec']=0; 

	$fields=array('id', 'mail', 'gid', 'login', 'reg_date', 'active');

	//sort
	if($_GET['sort']!='ASC' && $_GET['sort'] != 'DESC')
		$_GET['sort']='ASC';
	if(!$_GET['sortby'] or !in_array($_GET['sortby'], $fields))
		$_GET['sortby']='active';
	if($_GET['sort']=='ASC')
		$sortnext='DESC';
	else
		$sortnext='ASC';
	//

	//dla wyszukiwarki
	$srch=NULL;
	if($_POST['search'] or $_GET['search'])
	{
		if($_GET['search'])
			$_POST['search']=$_GET['search'];

		$_POST['search']=read_text_rest($_POST['search']); 

		$srch=str_replace('*', '%', $_POST['search']);//* na % dla znak�w dowolnych
		$srch="WHERE login LIKE '$srch'";
	}
	if($srch && $_GET['gid'])
		$srch.=" && gid=".$_GET['gid'];
	elseif($_GET['gid'])
		$srch.="WHERE gid=".$_GET['gid'];
	//

	$content = string_template(read_file('admin/themes/users_header.php'), array("sortnext" => $sortnext));

	$db = new dbquery;
	$db->query("SELECT * FROM $conf[prefix_users]users $srch") or $db->err(__FILE__, __LINE__);  
	$q=$db->num_rows();

	$db->query("SELECT * FROM $conf[prefix_users]users $srch ORDER by $_GET[sortby] $_GET[sort] LIMIT $_GET[rec], $conf[admin_per_page]") or $db->err(__FILE__, __LINE__);  
	while ($usr = $db->fetch_array())
	{
		$i++;
		if($i>2)
			$i=1;

		$group = groups_get_name_by_id($usr['gid']);

		$content .= string_template(read_file('admin/themes/users_item.php'), array("id" => $usr['id'], "login" => read_text_rest($usr['login']), "mail" => $usr['mail'], "group" => read_text_rest($group), "gid"=>$usr["gid"], "reg_date" => $usr['reg_date'], "name" => read_text_rest($usr['name']), "surname" => read_text_rest($usr['surname']), "i" => $i, 'active'=>$usr['active']));
	}

	//page_link
	$page_link=split_to_pages('<A HREF="index.php?module=admin&action=users&sortby='.$_GET['sortby'].'&sort='.$_GET['sort'].'&search='.$_POST['search'].'&amp;rec={rec}">{nr}</A>', $conf['admin_per_page'], $q, $_GET['rec']);
	//

	$content .= string_template(read_file('admin/themes/users_footer.php'), array('theme_path' => $GLOBALS['theme_path'], 'page_link' => $page_link));
}

//user edit form
elseif($_GET['cmd'] == 'edit')
{
	SQLvalidate($_GET['id']);
	if(!$_GET['id'])
		$_GET['id']=0;

	$db = new dbquery;
	$db->query("SELECT * FROM $conf[prefix_users]users WHERE id = $_GET[id]") or $db->err(__FILE__, __LINE__);  

	if($db->num_rows() == 0)
	{
		redirect('index.php?module=error&action=users&error=error1'); 
		exit();
	}

	$usr = $db->fetch_array();

	if(!perms_check('users', 'edit'))
	{
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	//active
	if($usr['active'] == 1)
		$active = ' checked';
	else
		$active = NULL;

	//autologin
	if($usr['autologin'] == 1)
		$autologin = ' checked';
	else
		$autologin = NULL;

	//mailing
	if($usr['mailing'] == 1)
		$mailing = ' checked';
	else
		$mailing = NULL;

	if(perms_check('users', 'change_group'))
	{
		$can_ch_gr = 1;
		$group_options = groups_get_options($usr['gid']);
	}
	else
	{
		$can_ch_gr = 0;
		$gr = groups_get_name_by_id($usr['gid']);
		$group_options = "<option value=\"$usr[gid]\">$gr</option>";
	}

	//generating list of themes
	$thm_o = get_theme_array();

	foreach($thm_o as $file) {
		$theme_options.='<option value="'.$file.'"';

		if($usr['theme'] == $file)
			$theme_options.=' SELECTED';

		$theme_options.='>'.$file.'</option>';
	}
	//

	//generating language_options
	$av_langs = get_lang_list();

	$db->query("SELECT * FROM $conf[prefix]lang WHERE name = 'langname'");
	$row = $db->fetch_object();
	$language_options=NULL;
	foreach($av_langs as $l) {
		$language_options .= '<option value="'.$l.'"';
		if($l == $usr['lang'])
			$language_options  .= ' selected ';
		$language_options  .= '>'.$row->$l.'</option>';
	}
	//

	//je�eli jestobrazek to go wyswietl
	if(ereg('http:\/\/', $usr['avatar']) && $usr['avatar'])
		$image='<img src="'.$usr['avatar'].'" alt="" />';
	elseif(!ereg('http:\/\/', $usr['avatar']) && $usr['avatar'] && $usr['avatar']!='none')
		$image='<img src="'.$conf['avatar_upload'].$usr['avatar'].'" alt="" />';
	else
		$image='';
	//

	//current_moderate_options
	$cmo = explode(';', $usr['moderator']);

	//add_moderator_options
	if(is_module_installed('forum') && perms_check('forum', 'set_moderators'))
		$moderator_options=get_options_for_user_edit_moderators('', '', '&nbsp;&nbsp;', '->&nbsp;', '0', $cmo);
	//

	$content = string_template(read_file('users_form.php'), array('admin'=>1, 'user_id'=>$usr['id'], 'c_group' => $c_group, 'group_options' => $group_options, 'u_login' => read_text_rest($usr['login']), 'u_name' => read_text_rest($usr['name']), 'u_surname' => read_text_rest($usr['surname']), 'u_mail' => $usr['mail'], 'u_gg' => read_text_rest($usr['gg']), 'u_icq' => read_text_rest($usr['icq']), 'u_o2' => read_text_rest($usr['o2']), 'u_website' => read_text_rest($usr['website']), 'u_location' => read_text_rest($usr['location']), 'u_signature' => read_text_edit($usr['signature']), 'theme_options' => $theme_options, 'language_options' => $language_options, 'anti_auto_fill'=>time(), 'avatar_description'=> string_template($lang['avatar_description'], array('max_x'=>$conf['avatar_max_x'], 'max_y'=>$conf['avatar_max_y'])), 'function'=>'user_edit', 'image' => $image, 'current_moderate_options'=>$current_moderate_options, 'moderator_options'=>$moderator_options, 'u_autologin' => $autologin, 'u_mailing' => $mailing, 'u_active'=>$active));
	$description = $GLOBALS['lang']['users']['profile'];
}

//deleting user
elseif($_GET['cmd'] == 'delete')
{
	SQLvalidate($_GET['id']);
	if(!$_GET['id'])
		$_GET['id']=0;

	$db = new dbquery;
	$db->query("SELECT * FROM $conf[prefix_users]users WHERE id=$_GET[id]") or $db->err(__FILE__, __LINE__);  

	if($db->num_rows() == 0)
	{
		redirect('index.php?module=error&action=users&error=error1'); 
		exit();
	}

	$usr = $db->fetch_array();

	if(!perms_check('users', 'delete'))
	{
		redirect('index.php?module=admin&action=users'); 
		exit();
	}  

	$yes='<input type="button" onClick="javascript:location.href=\'index.php?module=users&function=user_delete&amp;id='.$usr[id].'\'" value="'.$lang['yes'].'" class="button">';
	$no='<input type="button" onClick="javascript:location.href=\'index.php?module=admin&amp;action=users\'" value="'.$lang['no'].'" class="button">';
	$content = string_template($lang['admin_really_delete'], array('yes' => $yes, 'no' => $no, 'what' => $usr[login]));      
}
elseif($_GET['cmd'] == 'add')
{
	if(!perms_check('users', 'register')) {
		redirect('index.php?module=admin&action=users'); 
		exit();
	}  

	if(perms_check('users', 'change_group')) {
		$can_ch_gr = 1;
		$group_options = groups_get_options(2);
	}
	else {
		$can_ch_gr = 0;
		$gr = groups_get_name_by_id(2);
		$group_options = "<option value=\"2\">$gr</option>";
	}

	//generating list of themes
	$theme_options = '';
	if ($dir = opendir("themes"))
	{	
		while($file = readdir($dir))
		{
			if(($file != ".") && ($file != ".."))
			{
				$theme_options.='<option value="'.$file.'"';
				if($conf['theme'] == $file)
					$theme_options.=' SELECTED';
				$theme_options.='>'.$file.'</option>';
			}
		}  
		closedir($dir);
	}
	//

	//generating language_options
	$av_langs = get_lang_list();

	$db->query("SELECT * FROM $conf[prefix]lang WHERE name = 'langname'");
	$row = $db->fetch_object();
	$language_options=NULL;
	foreach($av_langs as $l) {
		$language_options .= '<option value="'.$l.'"';
		if($l == $usr['lang'])
			$language_options  .= ' selected ';
		$language_options  .= '>'.$row->$l.'</option>';
	}
	//

	//add_moderator_options
	if(is_module_installed('forum') && perms_check('forum', 'set_moderators')) {
		$cmo=explode(';', $row->moderator);
		$moderator_options=get_options_for_user_edit_moderators('', '', '&nbsp;&nbsp;', '-&gt;&nbsp;', '0', $cmo);
	}
	//

	$content = string_template(read_file('users_form.php'), array('group_options' => $group_options, 'can_ch_gr' => $can_ch_gr, 'u_login' => $usr['login'], 'u_name' => $usr['name'], 'u_surname' => '', 'u_mail' => '', 'u_gg' => '', 'u_icq' => '', 'u_o2' => $usr['o2'], 'u_website' => '', 'u_location' => '', 'u_signature' => '', 'theme_options' => $theme_options, 'language_options' => $language_options, 'anti_auto_fill'=>time(), 'avatar_description'=> string_template($lang['avatar_description'], array('max_x'=>$conf['avatar_max_x'], 'max_y'=>$conf['avatar_max_y'])), 'function'=>'user_register', 'image' => '', 'moderator_options' => $moderator_options, 'u_active'=>' checked="true"', 'u_mailing'=>' checked="true"', 'admin'=>'1'));
	$description = $GLOBALS['lang']['users']['profile'];
}
if($_GET['cmd'] == 'mailing_sent') {
	$content = $GLOBALS['lang']['users']['mailing_sent'];
}
elseif($_GET['cmd'] == 'mailing_notsent') {
	$content = $GLOBALS['lang']['users']['mailing_error'];
}
elseif($_GET['cmd'] == 'mailing') {
	if(!perms_check('admin', 'mailing')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}
	//adding admins
	$groups_list = '<option value="3">'.groups_get_name_by_id(3).'</option>\n';
	//adding users
	$groups_list .= '<option value="2">'.groups_get_name_by_id(2).'</option>\n';
	//adding rest
	$db->query("SELECT * FROM $conf[prefix_groups]groups WHERE type != -1 ORDER BY type ASC") or $db->err(__FILE__, __LINE__);

	while($g = $db->fetch_object()) { 
		$name = groups_get_name_by_id($g->id);
		$groups_list .= "<option value=\"$g->id\">$name</option>\n";
	}
	//

	$users_list = NULL;

	//users list
	$db->query("SELECT * FROM $conf[prefix_users]users ORDER BY login ASC") or $db->err(__FILE__, __LINE__);
	while($u = $db->fetch_object()) {
		$users_list .= "<option value=\"$u->id\">$u->login</option>\n";
	}
	//

	$content = string_template(read_file('admin/themes/mailing_form.php'), array("groups_list" => $groups_list, "users_list" => $users_list));
}

$content=string_template(read_file('middle.php'), array('theme_path' => $GLOBALS['theme_path'], 'content' => $content, 'autologin' => ' checked', 'description' => strtoupper($_GET['action'])));
//

?>
